
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="zh_Hans">
  <head>
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>django.contrib.auth &#8212; Django 3.2.11.dev 文档</title>
    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
    <script type="text/javascript" id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script>
    <script type="text/javascript" src="../../_static/jquery.js"></script>
    <script type="text/javascript" src="../../_static/underscore.js"></script>
    <script type="text/javascript" src="../../_static/doctools.js"></script>
    <script type="text/javascript" src="../../_static/language_data.js"></script>
    <link rel="index" title="索引" href="../../genindex.html" />
    <link rel="search" title="搜索" href="../../search.html" />
    <link rel="next" title="内容类型框架" href="contenttypes.html" />
    <link rel="prev" title="管理的 JavaScript 自定义" href="admin/javascript.html" />



 
<script src="../../templatebuiltins.js"></script>
<script>
(function($) {
    if (!django_template_builtins) {
       // templatebuiltins.js missing, do nothing.
       return;
    }
    $(document).ready(function() {
        // Hyperlink Django template tags and filters
        var base = "../templates/builtins.html";
        if (base == "#") {
            // Special case for builtins.html itself
            base = "";
        }
        // Tags are keywords, class '.k'
        $("div.highlight\\-html\\+django span.k").each(function(i, elem) {
             var tagname = $(elem).text();
             if ($.inArray(tagname, django_template_builtins.ttags) != -1) {
                 var fragment = tagname.replace(/_/, '-');
                 $(elem).html("<a href='" + base + "#" + fragment + "'>" + tagname + "</a>");
             }
        });
        // Filters are functions, class '.nf'
        $("div.highlight\\-html\\+django span.nf").each(function(i, elem) {
             var filtername = $(elem).text();
             if ($.inArray(filtername, django_template_builtins.tfilters) != -1) {
                 var fragment = filtername.replace(/_/, '-');
                 $(elem).html("<a href='" + base + "#" + fragment + "'>" + filtername + "</a>");
             }
        });
    });
})(jQuery);</script>

  </head><body>

    <div class="document">
  <div id="custom-doc" class="yui-t6">
    <div id="hd">
      <h1><a href="../../index.html">Django 3.2.11.dev 文档</a></h1>
      <div id="global-nav">
        <a title="Home page" href="../../index.html">Home</a>  |
        <a title="Table of contents" href="../../contents.html">Table of contents</a>  |
        <a title="Global index" href="../../genindex.html">Index</a>  |
        <a title="Module index" href="../../py-modindex.html">Modules</a>
      </div>
      <div class="nav">
    &laquo; <a href="admin/javascript.html" title="管理的 JavaScript 自定义">previous</a>
     |
    <a href="../index.html" title="API 参考" accesskey="U">up</a>
   |
    <a href="contenttypes.html" title="内容类型框架">next</a> &raquo;</div>
    </div>

    <div id="bd">
      <div id="yui-main">
        <div class="yui-b">
          <div class="yui-g" id="ref-contrib-auth">
            
  <div class="section" id="s-django-contrib-auth">
<span id="django-contrib-auth"></span><h1><code class="docutils literal notranslate"><span class="pre">django.contrib.auth</span></code><a class="headerlink" href="#django-contrib-auth" title="永久链接至标题">¶</a></h1>
<p>该文档提供了 Django 认证系统组件的 API 。有关更多这些组件的用例，或需要自定义认证与鉴权，请参阅 <a class="reference internal" href="../../topics/auth/index.html"><span class="doc">认证主题指南</span></a>。</p>
<div class="section" id="s-user-model">
<span id="user-model"></span><h2><code class="docutils literal notranslate"><span class="pre">User</span></code> 模型<a class="headerlink" href="#user-model" title="永久链接至标题">¶</a></h2>
<dl class="class">
<dt id="django.contrib.auth.models.User">
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">User</code><a class="headerlink" href="#django.contrib.auth.models.User" title="永久链接至目标">¶</a></dt>
<dd></dd></dl>

<div class="section" id="s-fields">
<span id="fields"></span><h3>字段<a class="headerlink" href="#fields" title="永久链接至标题">¶</a></h3>
<dl class="class">
<dt>
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">User</code></dt>
<dd><p><a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 对象有如下字段：</p>
<dl class="attribute">
<dt id="django.contrib.auth.models.User.username">
<code class="descname">username</code><a class="headerlink" href="#django.contrib.auth.models.User.username" title="永久链接至目标">¶</a></dt>
<dd><p>必要的。150 个字符或以下。用户名可包含字母数字、<code class="docutils literal notranslate"><span class="pre">_</span></code>、<code class="docutils literal notranslate"><span class="pre">&#64;</span></code>、<code class="docutils literal notranslate"><span class="pre">+</span></code>、<code class="docutils literal notranslate"><span class="pre">.</span></code> 和 <code class="docutils literal notranslate"><span class="pre">-</span></code> 字符。</p>
<p><code class="docutils literal notranslate"><span class="pre">max_length</span></code> 对许多使用情况来说应该是足够的。如果你需要更长的长度，请使用 <a class="reference internal" href="../../topics/auth/customizing.html#specifying-custom-user-model"><span class="std std-ref">自定义用户模型</span></a>。如果你使用的 MySQL 是 <code class="docutils literal notranslate"><span class="pre">utf8mb4</span></code> 编码（推荐用于适当的 Unicode 支持），最多指定 <code class="docutils literal notranslate"><span class="pre">max_length=191</span></code>，因为在这种情况下，MySQL 默认只能创建 191 个字符的唯一索引。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.first_name">
<code class="descname">first_name</code><a class="headerlink" href="#django.contrib.auth.models.User.first_name" title="永久链接至目标">¶</a></dt>
<dd><p>可选的（<a class="reference internal" href="../models/fields.html#django.db.models.Field.blank" title="django.db.models.Field.blank"><code class="xref py py-attr docutils literal notranslate"><span class="pre">blank=True</span></code></a>）。150 个字符或更少。</p>
<div class="versionchanged">
<span class="title">Changed in Django 3.1:</span> <p><code class="docutils literal notranslate"><span class="pre">max_length</span></code> 从 30 个字符增加到 150 个字符。</p>
</div>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.last_name">
<code class="descname">last_name</code><a class="headerlink" href="#django.contrib.auth.models.User.last_name" title="永久链接至目标">¶</a></dt>
<dd><p>可选的（<a class="reference internal" href="../models/fields.html#django.db.models.Field.blank" title="django.db.models.Field.blank"><code class="xref py py-attr docutils literal notranslate"><span class="pre">blank=True</span></code></a>）。150 个字符或更少。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.email">
<code class="descname">email</code><a class="headerlink" href="#django.contrib.auth.models.User.email" title="永久链接至目标">¶</a></dt>
<dd><p>可选的（<a class="reference internal" href="../models/fields.html#django.db.models.Field.blank" title="django.db.models.Field.blank"><code class="xref py py-attr docutils literal notranslate"><span class="pre">blank=True</span></code></a>）。电子邮件地址。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.password">
<code class="descname">password</code><a class="headerlink" href="#django.contrib.auth.models.User.password" title="永久链接至目标">¶</a></dt>
<dd><p>需要。一个密码的哈希值和元数据。（Django 不存储原始密码。）原始密码可以任意长，可以包含任何字符。参见 <a class="reference internal" href="../../topics/auth/passwords.html"><span class="doc">密码文档</span></a>。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.groups">
<code class="descname">groups</code><a class="headerlink" href="#django.contrib.auth.models.User.groups" title="永久链接至目标">¶</a></dt>
<dd><p>多对多关系到 <a class="reference internal" href="#django.contrib.auth.models.Group" title="django.contrib.auth.models.Group"><code class="xref py py-class docutils literal notranslate"><span class="pre">Group</span></code></a></p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.user_permissions">
<code class="descname">user_permissions</code><a class="headerlink" href="#django.contrib.auth.models.User.user_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>多对多关系到 <a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal notranslate"><span class="pre">Permission</span></code></a></p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.is_staff">
<code class="descname">is_staff</code><a class="headerlink" href="#django.contrib.auth.models.User.is_staff" title="永久链接至目标">¶</a></dt>
<dd><p>布尔型。指定该用户是否可以访问管理站点。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.is_active">
<code class="descname">is_active</code><a class="headerlink" href="#django.contrib.auth.models.User.is_active" title="永久链接至目标">¶</a></dt>
<dd><p>布尔值。指定该用户账户是否应该被视为活跃账户。我们建议你把这个标志设置为 <code class="docutils literal notranslate"><span class="pre">False</span></code>，而不是删除账户；这样，如果你的应用程序对用户有任何外键，外键就不会被破坏。</p>
<p>这不一定能控制用户是否能登录。认证后端不一定需要检查 <code class="docutils literal notranslate"><span class="pre">is_active</span></code> 标志，但默认的后端（<a class="reference internal" href="#django.contrib.auth.backends.ModelBackend" title="django.contrib.auth.backends.ModelBackend"><code class="xref py py-class docutils literal notranslate"><span class="pre">ModelBackend</span></code></a>）和 <a class="reference internal" href="#django.contrib.auth.backends.RemoteUserBackend" title="django.contrib.auth.backends.RemoteUserBackend"><code class="xref py py-class docutils literal notranslate"><span class="pre">RemoteUserBackend</span></code></a> 会检查。如果你想允许不活跃的用户登录，你可以使用 <a class="reference internal" href="#django.contrib.auth.backends.AllowAllUsersModelBackend" title="django.contrib.auth.backends.AllowAllUsersModelBackend"><code class="xref py py-class docutils literal notranslate"><span class="pre">AllowAllUsersModelBackend</span></code></a> 或者 <a class="reference internal" href="#django.contrib.auth.backends.AllowAllUsersRemoteUserBackend" title="django.contrib.auth.backends.AllowAllUsersRemoteUserBackend"><code class="xref py py-class docutils literal notranslate"><span class="pre">AllowAllUsersRemoteUserBackend</span></code></a>。在这种情况下，你还需要自定义 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.forms.AuthenticationForm" title="django.contrib.auth.forms.AuthenticationForm"><code class="xref py py-class docutils literal notranslate"><span class="pre">AuthenticationForm</span></code></a> 所使用的 <code class="xref py py-class docutils literal notranslate"><span class="pre">LoginView</span></code>，因为它拒绝非活动用户。需要注意的是， <a class="reference internal" href="#django.contrib.auth.models.User.has_perm" title="django.contrib.auth.models.User.has_perm"><code class="xref py py-meth docutils literal notranslate"><span class="pre">has_perm()</span></code></a> 等权限检查方法，以及 Django 管理中的认证方法，都会对非活跃用户返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.is_superuser">
<code class="descname">is_superuser</code><a class="headerlink" href="#django.contrib.auth.models.User.is_superuser" title="永久链接至目标">¶</a></dt>
<dd><p>布尔值。指定该用户拥有所有权限，而不用一个个开启权限。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.last_login">
<code class="descname">last_login</code><a class="headerlink" href="#django.contrib.auth.models.User.last_login" title="永久链接至目标">¶</a></dt>
<dd><p>用户最后一次登录的日期时间。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.date_joined">
<code class="descname">date_joined</code><a class="headerlink" href="#django.contrib.auth.models.User.date_joined" title="永久链接至目标">¶</a></dt>
<dd><p>指定账户创建时间的日期时间。帐户创建时，默认设置为当前日期／时间。</p>
</dd></dl>

</dd></dl>

</div>
<div class="section" id="s-attributes">
<span id="attributes"></span><h3>属性<a class="headerlink" href="#attributes" title="永久链接至标题">¶</a></h3>
<dl class="class">
<dt>
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">User</code></dt>
<dd><dl class="attribute">
<dt id="django.contrib.auth.models.User.is_authenticated">
<code class="descname">is_authenticated</code><a class="headerlink" href="#django.contrib.auth.models.User.is_authenticated" title="永久链接至目标">¶</a></dt>
<dd><p>只读属性，始终返回 <code class="docutils literal notranslate"><span class="pre">True</span></code> （匿名用户 <code class="docutils literal notranslate"><span class="pre">AnonymousUser.is_authenticated</span></code>  始终返回 <code class="docutils literal notranslate"><span class="pre">False</span></code> ）。这是一种判断用户是否已通过身份认证的方法。这并不意味着任何权限，也不会检查用户是否处于活动状态或是否具有有效会话。即使通常你会根据 <code class="docutils literal notranslate"><span class="pre">request.user</span></code> 检查这个属性，以确定它是否被 <a class="reference internal" href="../middleware.html#django.contrib.auth.middleware.AuthenticationMiddleware" title="django.contrib.auth.middleware.AuthenticationMiddleware"><code class="xref py py-class docutils literal notranslate"><span class="pre">AuthenticationMiddleware</span></code></a> 填充（表示当前登录的用户），但是你应该知道该属性对于任何 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 实例都返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.User.is_anonymous">
<code class="descname">is_anonymous</code><a class="headerlink" href="#django.contrib.auth.models.User.is_anonymous" title="永久链接至目标">¶</a></dt>
<dd><p>只读属性，总是 <code class="docutils literal notranslate"><span class="pre">False</span></code>。这是区分 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 和 <a class="reference internal" href="#django.contrib.auth.models.AnonymousUser" title="django.contrib.auth.models.AnonymousUser"><code class="xref py py-class docutils literal notranslate"><span class="pre">AnonymousUser</span></code></a> 对象的一种方式。一般来说，你应该优先使用 <a class="reference internal" href="#django.contrib.auth.models.User.is_authenticated" title="django.contrib.auth.models.User.is_authenticated"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_authenticated</span></code></a> 来代替这个属性。</p>
</dd></dl>

</dd></dl>

</div>
<div class="section" id="s-methods">
<span id="methods"></span><h3>方法<a class="headerlink" href="#methods" title="永久链接至标题">¶</a></h3>
<dl class="class">
<dt>
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">User</code></dt>
<dd><dl class="method">
<dt id="django.contrib.auth.models.User.get_username">
<code class="descname">get_username</code>()<a class="headerlink" href="#django.contrib.auth.models.User.get_username" title="永久链接至目标">¶</a></dt>
<dd><p>返回用户的用户名。由于 <code class="docutils literal notranslate"><span class="pre">User</span></code> 模型可以被替换，你应该使用这个方法而不是直接引用用户名属性。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.get_full_name">
<code class="descname">get_full_name</code>()<a class="headerlink" href="#django.contrib.auth.models.User.get_full_name" title="永久链接至目标">¶</a></dt>
<dd><p>返回 <a class="reference internal" href="#django.contrib.auth.models.User.first_name" title="django.contrib.auth.models.User.first_name"><code class="xref py py-attr docutils literal notranslate"><span class="pre">first_name</span></code></a> 加上 <a class="reference internal" href="#django.contrib.auth.models.User.last_name" title="django.contrib.auth.models.User.last_name"><code class="xref py py-attr docutils literal notranslate"><span class="pre">last_name</span></code></a>，中间有一个空格。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.get_short_name">
<code class="descname">get_short_name</code>()<a class="headerlink" href="#django.contrib.auth.models.User.get_short_name" title="永久链接至目标">¶</a></dt>
<dd><p>返回 <a class="reference internal" href="#django.contrib.auth.models.User.first_name" title="django.contrib.auth.models.User.first_name"><code class="xref py py-attr docutils literal notranslate"><span class="pre">first_name</span></code></a>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.set_password">
<code class="descname">set_password</code>(<em>raw_password</em>)<a class="headerlink" href="#django.contrib.auth.models.User.set_password" title="永久链接至目标">¶</a></dt>
<dd><p>将用户的密码设置为给定的原始字符串，并进行密码哈希处理。不保存 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 对象。</p>
<p>当 <code class="docutils literal notranslate"><span class="pre">raw_password</span></code> 为 <code class="docutils literal notranslate"><span class="pre">None</span></code> 时，密码将被设置为不可用的密码，就像 <a class="reference internal" href="#django.contrib.auth.models.User.set_unusable_password" title="django.contrib.auth.models.User.set_unusable_password"><code class="xref py py-meth docutils literal notranslate"><span class="pre">set_unusable_password()</span></code></a> 一样。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.check_password">
<code class="descname">check_password</code>(<em>raw_password</em>)<a class="headerlink" href="#django.contrib.auth.models.User.check_password" title="永久链接至目标">¶</a></dt>
<dd><p>如果给定的原始字符串是用户的正确密码，返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。（密码哈希值用于比较）</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.set_unusable_password">
<code class="descname">set_unusable_password</code>()<a class="headerlink" href="#django.contrib.auth.models.User.set_unusable_password" title="永久链接至目标">¶</a></dt>
<dd><p>标记该用户没有设置密码。 <a class="reference internal" href="#django.contrib.auth.models.User.check_password" title="django.contrib.auth.models.User.check_password"><code class="xref py py-meth docutils literal notranslate"><span class="pre">check_password()</span></code></a> 对这个用户的检查永远不会返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。不会保存 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 对象。</p>
<p>如果针对现有外部源（例如 LDAP 目录）进行应用程序的身份认证，则可能需要这个功能。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.has_usable_password">
<code class="descname">has_usable_password</code>()<a class="headerlink" href="#django.contrib.auth.models.User.has_usable_password" title="永久链接至目标">¶</a></dt>
<dd><p>如果 <code class="xref py py-meth docutils literal notranslate"><span class="pre">set_unusable_password()</span></code> 被调用，返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.get_user_permissions">
<code class="descname">get_user_permissions</code>(<em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.get_user_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>返回用户直接拥有的一组权限字符串。</p>
<p>如果传入了 <code class="docutils literal notranslate"><span class="pre">obj</span></code>，则只返回这个特定对象的用户权限。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.get_group_permissions">
<code class="descname">get_group_permissions</code>(<em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.get_group_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>返回用户通过他们的组拥有的一组权限字符串。</p>
<p>如果传入了 <code class="docutils literal notranslate"><span class="pre">obj</span></code>，则只返回这个特定对象的组权限。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.get_all_permissions">
<code class="descname">get_all_permissions</code>(<em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.get_all_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>返回用户拥有的一组权限字符串，包括通过组和用户的权限。</p>
<p>如果传入了 <code class="docutils literal notranslate"><span class="pre">obj</span></code>，则只返回这个特定对象的权限。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.has_perm">
<code class="descname">has_perm</code>(<em>perm</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.has_perm" title="永久链接至目标">¶</a></dt>
<dd><p>如果用户拥有指定的权限，返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>，其中 perm 的格式是 <code class="docutils literal notranslate"><span class="pre">&quot;&lt;app</span> <span class="pre">label&gt;.&lt;permission</span> <span class="pre">codename&gt;&quot;</span></code>。（参见 <a class="reference internal" href="../../topics/auth/default.html#topic-authorization"><span class="std std-ref">权限</span></a> 的文档）。如果用户是不活跃的，这个方法将总是返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。对于活跃的超级用户，本方法将始终返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
<p>如果传入了 <code class="docutils literal notranslate"><span class="pre">obj</span></code>，这个方法不会检查模型的权限，而是检查这个特定对象的权限。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.has_perms">
<code class="descname">has_perms</code>(<em>perm_list</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.has_perms" title="永久链接至目标">¶</a></dt>
<dd><p>如果用户拥有指定的每个权限，返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>，其中每个 perm 的格式为 <code class="docutils literal notranslate"><span class="pre">&quot;&lt;app</span> <span class="pre">label&gt;.&lt;permission</span> <span class="pre">codename&gt;&quot;</span></code>。如果用户不活跃，本方法将总是返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。对于活跃的超级用户，本方法将始终返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
<p>如果传入了 <code class="docutils literal notranslate"><span class="pre">obj</span></code>，这个方法不会检查模型的权限，而是检查这个特定对象的权限。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.has_module_perms">
<code class="descname">has_module_perms</code>(<em>package_name</em>)<a class="headerlink" href="#django.contrib.auth.models.User.has_module_perms" title="永久链接至目标">¶</a></dt>
<dd><p>如果用户在给定的包（Django 应用标签）中有任何权限，则返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。如果用户不活跃，本方法将总是返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。如果是活跃的超级用户，本方法将始终返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.User.email_user">
<code class="descname">email_user</code>(<em>subject</em>, <em>message</em>, <em>from_email=None</em>, <em>**kwargs</em>)<a class="headerlink" href="#django.contrib.auth.models.User.email_user" title="永久链接至目标">¶</a></dt>
<dd><p>向用户发送邮件。如果 <code class="docutils literal notranslate"><span class="pre">from_email</span></code> 是 <code class="docutils literal notranslate"><span class="pre">None</span></code>，Django 使用 <a class="reference internal" href="../settings.html#std:setting-DEFAULT_FROM_EMAIL"><code class="xref std std-setting docutils literal notranslate"><span class="pre">DEFAULT_FROM_EMAIL</span></code></a>。任何 <code class="docutils literal notranslate"><span class="pre">**kwargs</span></code> 都会传递给底层的 <a class="reference internal" href="../../topics/email.html#django.core.mail.send_mail" title="django.core.mail.send_mail"><code class="xref py py-meth docutils literal notranslate"><span class="pre">send_mail()</span></code></a> 调用。</p>
</dd></dl>

</dd></dl>

</div>
<div class="section" id="s-manager-methods">
<span id="manager-methods"></span><h3>管理器方法<a class="headerlink" href="#manager-methods" title="永久链接至标题">¶</a></h3>
<dl class="class">
<dt id="django.contrib.auth.models.UserManager">
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">UserManager</code><a class="headerlink" href="#django.contrib.auth.models.UserManager" title="永久链接至目标">¶</a></dt>
<dd><p><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code> 模型有一个自定义管理器，它有以下辅助方法（除了 <code class="xref py py-class docutils literal notranslate"><span class="pre">BaseUserManager</span></code> 提供的方法外）：</p>
<dl class="method">
<dt id="django.contrib.auth.models.UserManager.create_user">
<code class="descname">create_user</code>(<em>username</em>, <em>email=None</em>, <em>password=None</em>, <em>**extra_fields</em>)<a class="headerlink" href="#django.contrib.auth.models.UserManager.create_user" title="永久链接至目标">¶</a></dt>
<dd><p>创建、保存并返回一个 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a>。</p>
<p><a class="reference internal" href="#django.contrib.auth.models.User.username" title="django.contrib.auth.models.User.username"><code class="xref py py-attr docutils literal notranslate"><span class="pre">username</span></code></a> 和 <a class="reference internal" href="#django.contrib.auth.models.User.password" title="django.contrib.auth.models.User.password"><code class="xref py py-attr docutils literal notranslate"><span class="pre">password</span></code></a> 按给定设置。<a class="reference internal" href="#django.contrib.auth.models.User.email" title="django.contrib.auth.models.User.email"><code class="xref py py-attr docutils literal notranslate"><span class="pre">email</span></code></a> 的域名部分会自动转换为小写，返回的 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 对象的 <a class="reference internal" href="#django.contrib.auth.models.User.is_active" title="django.contrib.auth.models.User.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a> 设置为 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
<p>如果没有提供密码， <a class="reference internal" href="#django.contrib.auth.models.User.set_unusable_password" title="django.contrib.auth.models.User.set_unusable_password"><code class="xref py py-meth docutils literal notranslate"><span class="pre">set_unusable_password()</span></code></a> 将被调用。</p>
<p><code class="docutils literal notranslate"><span class="pre">extra_fields</span></code> 关键字参数被传递到 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 的 <code class="docutils literal notranslate"><span class="pre">__init__</span></code> 方法中，允许在 <a class="reference internal" href="../../topics/auth/customizing.html#auth-custom-user"><span class="std std-ref">自定义用户模型</span></a> 上设置任意字段。</p>
<p>使用方法参见 <a class="reference internal" href="../../topics/auth/default.html#topics-auth-creating-users"><span class="std std-ref">创建用户</span></a>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.UserManager.create_superuser">
<code class="descname">create_superuser</code>(<em>username</em>, <em>email=None</em>, <em>password=None</em>, <em>**extra_fields</em>)<a class="headerlink" href="#django.contrib.auth.models.UserManager.create_superuser" title="永久链接至目标">¶</a></dt>
<dd><p>与 <a class="reference internal" href="#django.contrib.auth.models.UserManager.create_user" title="django.contrib.auth.models.UserManager.create_user"><code class="xref py py-meth docutils literal notranslate"><span class="pre">create_user()</span></code></a> 相同，但将 <a class="reference internal" href="#django.contrib.auth.models.User.is_staff" title="django.contrib.auth.models.User.is_staff"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_staff</span></code></a> 和 <a class="reference internal" href="#django.contrib.auth.models.User.is_superuser" title="django.contrib.auth.models.User.is_superuser"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_superuser</span></code></a> 设置为 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.models.UserManager.with_perm">
<code class="descname">with_perm</code>(<em>perm</em>, <em>is_active=True</em>, <em>include_superusers=True</em>, <em>backend=None</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.UserManager.with_perm" title="永久链接至目标">¶</a></dt>
<dd><p>返回拥有给定权限 <code class="docutils literal notranslate"><span class="pre">perm</span></code> 的用户，可以是 <code class="docutils literal notranslate"><span class="pre">&quot;&lt;app</span> <span class="pre">label&gt;.&lt;permission</span> <span class="pre">codename&gt;&quot;</span></code> 格式，也可以是 <a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal notranslate"><span class="pre">Permission</span></code></a> 实例。如果没有找到拥有 <code class="docutils literal notranslate"><span class="pre">perm</span></code> 的用户，返回一个空的查询集。</p>
<p>如果 <code class="docutils literal notranslate"><span class="pre">is_active</span></code> 为 <code class="docutils literal notranslate"><span class="pre">True</span></code> （默认），则只返回活跃用户，如果 <code class="docutils literal notranslate"><span class="pre">False</span></code>，则只返回非活跃用户。使用 <code class="docutils literal notranslate"><span class="pre">None</span></code> 返回所有用户，无论其是否处于活跃状态。</p>
<p>如果 <code class="docutils literal notranslate"><span class="pre">include_superusers</span></code> 为 <code class="docutils literal notranslate"><span class="pre">True</span></code> （默认），结果将包括超级用户。</p>
<p>如果传入了 <code class="docutils literal notranslate"><span class="pre">backend</span></code>，并且在 <a class="reference internal" href="../settings.html#std:setting-AUTHENTICATION_BACKENDS"><code class="xref std std-setting docutils literal notranslate"><span class="pre">AUTHENTICATION_BACKENDS</span></code></a> 中定义了，那么本方法将使用它。否则，它将使用 <a class="reference internal" href="../settings.html#std:setting-AUTHENTICATION_BACKENDS"><code class="xref std std-setting docutils literal notranslate"><span class="pre">AUTHENTICATION_BACKENDS</span></code></a> 中的 <code class="docutils literal notranslate"><span class="pre">backend</span></code>，如果只有一个的话，或者引发一个异常。</p>
</dd></dl>

</dd></dl>

</div>
</div>
<div class="section" id="s-anonymoususer-object">
<span id="anonymoususer-object"></span><h2><code class="docutils literal notranslate"><span class="pre">AnonymousUser</span></code> 对象<a class="headerlink" href="#anonymoususer-object" title="永久链接至标题">¶</a></h2>
<dl class="class">
<dt id="django.contrib.auth.models.AnonymousUser">
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">AnonymousUser</code><a class="headerlink" href="#django.contrib.auth.models.AnonymousUser" title="永久链接至目标">¶</a></dt>
<dd><p><a class="reference internal" href="#django.contrib.auth.models.AnonymousUser" title="django.contrib.auth.models.AnonymousUser"><code class="xref py py-class docutils literal notranslate"><span class="pre">django.contrib.auth.models.AnonymousUser</span></code></a> 是一个实现了 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">django.contrib.auth.models.User</span></code></a> 接口的类，有这些区别：</p>
<ul class="simple">
<li><a class="reference internal" href="../../topics/db/models.html#automatic-primary-key-fields"><span class="std std-ref">id</span></a> 总是 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</li>
<li><a class="reference internal" href="#django.contrib.auth.models.User.username" title="django.contrib.auth.models.User.username"><code class="xref py py-attr docutils literal notranslate"><span class="pre">username</span></code></a> 总是空字符串。</li>
<li><a class="reference internal" href="#django.contrib.auth.models.User.get_username" title="django.contrib.auth.models.User.get_username"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_username()</span></code></a> 总是返回空字符串。</li>
<li><a class="reference internal" href="#django.contrib.auth.models.User.is_anonymous" title="django.contrib.auth.models.User.is_anonymous"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_anonymous</span></code></a> 是 <code class="docutils literal notranslate"><span class="pre">True</span></code> 而不是 <code class="docutils literal notranslate"><span class="pre">False</span></code>。</li>
<li><a class="reference internal" href="#django.contrib.auth.models.User.is_authenticated" title="django.contrib.auth.models.User.is_authenticated"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_authenticated</span></code></a> 是 <code class="docutils literal notranslate"><span class="pre">False</span></code> 而不是 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</li>
<li><a class="reference internal" href="#django.contrib.auth.models.User.is_staff" title="django.contrib.auth.models.User.is_staff"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_staff</span></code></a> 和 <a class="reference internal" href="#django.contrib.auth.models.User.is_superuser" title="django.contrib.auth.models.User.is_superuser"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_superuser</span></code></a> 总是 <code class="docutils literal notranslate"><span class="pre">False</span></code>。</li>
<li><a class="reference internal" href="#django.contrib.auth.models.User.is_active" title="django.contrib.auth.models.User.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a> 总是 <code class="docutils literal notranslate"><span class="pre">False</span></code>。</li>
<li><code class="xref py py-attr docutils literal notranslate"><span class="pre">group</span></code> 和 <a class="reference internal" href="#django.contrib.auth.models.User.user_permissions" title="django.contrib.auth.models.User.user_permissions"><code class="xref py py-attr docutils literal notranslate"><span class="pre">user_permissions</span></code></a> 总是空的。</li>
<li><a class="reference internal" href="#django.contrib.auth.models.User.set_password" title="django.contrib.auth.models.User.set_password"><code class="xref py py-meth docutils literal notranslate"><span class="pre">set_password()</span></code></a>、<a class="reference internal" href="#django.contrib.auth.models.User.check_password" title="django.contrib.auth.models.User.check_password"><code class="xref py py-meth docutils literal notranslate"><span class="pre">check_password()</span></code></a>、<a class="reference internal" href="../models/instances.html#django.db.models.Model.save" title="django.db.models.Model.save"><code class="xref py py-meth docutils literal notranslate"><span class="pre">save()</span></code></a> 和 <a class="reference internal" href="../models/instances.html#django.db.models.Model.delete" title="django.db.models.Model.delete"><code class="xref py py-meth docutils literal notranslate"><span class="pre">delete()</span></code></a> 引发 <a class="reference external" href="https://docs.python.org/3/library/exceptions.html#NotImplementedError" title="(在 Python v3.10)"><code class="xref py py-exc docutils literal notranslate"><span class="pre">NotImplementedError</span></code></a>。</li>
</ul>
</dd></dl>

<p>在实践中，你可能不需要自己使用 <a class="reference internal" href="#django.contrib.auth.models.AnonymousUser" title="django.contrib.auth.models.AnonymousUser"><code class="xref py py-class docutils literal notranslate"><span class="pre">AnonymousUser</span></code></a> 对象，但它们会被 Web 请求使用，下一节会解释。</p>
</div>
<div class="section" id="s-permission-model">
<span id="permission-model"></span><h2><code class="docutils literal notranslate"><span class="pre">Permission</span></code> 模型<a class="headerlink" href="#permission-model" title="永久链接至标题">¶</a></h2>
<dl class="class">
<dt id="django.contrib.auth.models.Permission">
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">Permission</code><a class="headerlink" href="#django.contrib.auth.models.Permission" title="永久链接至目标">¶</a></dt>
<dd></dd></dl>

<div class="section" id="s-id1">
<span id="id1"></span><h3>字段<a class="headerlink" href="#id1" title="永久链接至标题">¶</a></h3>
<p><a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal notranslate"><span class="pre">Permission</span></code></a> 对象有以下字段：</p>
<dl class="class">
<dt>
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">Permission</code></dt>
<dd><dl class="attribute">
<dt id="django.contrib.auth.models.Permission.name">
<code class="descname">name</code><a class="headerlink" href="#django.contrib.auth.models.Permission.name" title="永久链接至目标">¶</a></dt>
<dd><p>必要的。255 个字符或以下。例如：<code class="docutils literal notranslate"><span class="pre">'Can</span> <span class="pre">vote'</span></code>。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.Permission.content_type">
<code class="descname">content_type</code><a class="headerlink" href="#django.contrib.auth.models.Permission.content_type" title="永久链接至目标">¶</a></dt>
<dd><p>必要的。对 <code class="docutils literal notranslate"><span class="pre">django_content_type</span></code> 数据库表的引用，该表包含每个已安装模型的记录。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.Permission.codename">
<code class="descname">codename</code><a class="headerlink" href="#django.contrib.auth.models.Permission.codename" title="永久链接至目标">¶</a></dt>
<dd><p>必要的。100 个字符或以下。例如：<code class="docutils literal notranslate"><span class="pre">'can_vote'</span></code>。</p>
</dd></dl>

</dd></dl>

</div>
<div class="section" id="s-id2">
<span id="id2"></span><h3>方法<a class="headerlink" href="#id2" title="永久链接至标题">¶</a></h3>
<p><a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal notranslate"><span class="pre">Permission</span></code></a> 对象和其他 <a class="reference internal" href="../models/instances.html"><span class="doc">Django 模型</span></a> 一样拥有标准的数据访问方法。</p>
</div>
</div>
<div class="section" id="s-group-model">
<span id="group-model"></span><h2><code class="docutils literal notranslate"><span class="pre">Group</span></code> 模型<a class="headerlink" href="#group-model" title="永久链接至标题">¶</a></h2>
<dl class="class">
<dt id="django.contrib.auth.models.Group">
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">Group</code><a class="headerlink" href="#django.contrib.auth.models.Group" title="永久链接至目标">¶</a></dt>
<dd></dd></dl>

<div class="section" id="s-id3">
<span id="id3"></span><h3>字段<a class="headerlink" href="#id3" title="永久链接至标题">¶</a></h3>
<p><a class="reference internal" href="#django.contrib.auth.models.Group" title="django.contrib.auth.models.Group"><code class="xref py py-class docutils literal notranslate"><span class="pre">Group</span></code></a> 对象有以下字段：</p>
<dl class="class">
<dt>
<em class="property">class </em><code class="descclassname">models.</code><code class="descname">Group</code></dt>
<dd><dl class="attribute">
<dt id="django.contrib.auth.models.Group.name">
<code class="descname">name</code><a class="headerlink" href="#django.contrib.auth.models.Group.name" title="永久链接至目标">¶</a></dt>
<dd><p>要求： 150 个字符或以下。允许使用任何字符。例如：<code class="docutils literal notranslate"><span class="pre">'Awesome</span> <span class="pre">Users'</span></code>。</p>
</dd></dl>

<dl class="attribute">
<dt id="django.contrib.auth.models.Group.permissions">
<code class="descname">permissions</code><a class="headerlink" href="#django.contrib.auth.models.Group.permissions" title="永久链接至目标">¶</a></dt>
<dd><p>多对多字段到 <a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal notranslate"><span class="pre">Permission</span></code></a>：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">group</span><span class="o">.</span><span class="n">permissions</span><span class="o">.</span><span class="n">set</span><span class="p">([</span><span class="n">permission_list</span><span class="p">])</span>
<span class="n">group</span><span class="o">.</span><span class="n">permissions</span><span class="o">.</span><span class="n">add</span><span class="p">(</span><span class="n">permission</span><span class="p">,</span> <span class="n">permission</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span>
<span class="n">group</span><span class="o">.</span><span class="n">permissions</span><span class="o">.</span><span class="n">remove</span><span class="p">(</span><span class="n">permission</span><span class="p">,</span> <span class="n">permission</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span>
<span class="n">group</span><span class="o">.</span><span class="n">permissions</span><span class="o">.</span><span class="n">clear</span><span class="p">()</span>
</pre></div>
</div>
</dd></dl>

</dd></dl>

</div>
</div>
<div class="section" id="s-validators">
<span id="validators"></span><h2>验证器<a class="headerlink" href="#validators" title="永久链接至标题">¶</a></h2>
<dl class="class">
<dt id="django.contrib.auth.validators.ASCIIUsernameValidator">
<em class="property">class </em><code class="descclassname">validators.</code><code class="descname">ASCIIUsernameValidator</code><a class="headerlink" href="#django.contrib.auth.validators.ASCIIUsernameValidator" title="永久链接至目标">¶</a></dt>
<dd><p>除了 <code class="docutils literal notranslate"><span class="pre">&#64;</span></code>、<code class="docutils literal notranslate"><span class="pre">.</span></code>、<code class="docutils literal notranslate"><span class="pre">+</span></code>、<code class="docutils literal notranslate"><span class="pre">-</span></code> 和 <code class="docutils literal notranslate"><span class="pre">_</span></code> 之外，只允许使用 ASCII 字母和数字的字段验证器。</p>
</dd></dl>

<dl class="class">
<dt id="django.contrib.auth.validators.UnicodeUsernameValidator">
<em class="property">class </em><code class="descclassname">validators.</code><code class="descname">UnicodeUsernameValidator</code><a class="headerlink" href="#django.contrib.auth.validators.UnicodeUsernameValidator" title="永久链接至目标">¶</a></dt>
<dd><p>除了 <code class="docutils literal notranslate"><span class="pre">&#64;</span></code>、<code class="docutils literal notranslate"><span class="pre">.</span></code>、<code class="docutils literal notranslate"><span class="pre">+</span></code>、<code class="docutils literal notranslate"><span class="pre">-</span></code> 和 <code class="docutils literal notranslate"><span class="pre">_</span></code> 之外，还允许使用 Unicode 字符的字段验证器。<code class="docutils literal notranslate"><span class="pre">User.username</span></code> 的默认验证器。</p>
</dd></dl>

</div>
<div class="section" id="s-module-django.contrib.auth.signals">
<span id="s-login-and-logout-signals"></span><span id="s-topics-auth-signals"></span><span id="module-django.contrib.auth.signals"></span><span id="login-and-logout-signals"></span><span id="topics-auth-signals"></span><h2>登录和注销的信号<a class="headerlink" href="#module-django.contrib.auth.signals" title="永久链接至标题">¶</a></h2>
<p>认证框架使用了以下的 <a class="reference internal" href="../../topics/signals.html"><span class="doc">信号</span></a>，可以在用户登录或退出时用于通知。</p>
<dl class="function">
<dt id="django.contrib.auth.signals.user_logged_in">
<code class="descname">user_logged_in</code>()<a class="headerlink" href="#django.contrib.auth.signals.user_logged_in" title="永久链接至目标">¶</a></dt>
<dd><p>当用户成功登录时发送。</p>
<p>用此信号发送的参数：</p>
<dl class="docutils">
<dt><code class="docutils literal notranslate"><span class="pre">sender</span></code></dt>
<dd>刚刚登录的用户的类。</dd>
<dt><code class="docutils literal notranslate"><span class="pre">request</span></code></dt>
<dd>当前的 <a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal notranslate"><span class="pre">HttpRequest</span></code></a> 实例。</dd>
<dt><code class="docutils literal notranslate"><span class="pre">user</span></code></dt>
<dd>刚刚登录的用户的实例。</dd>
</dl>
</dd></dl>

<dl class="function">
<dt id="django.contrib.auth.signals.user_logged_out">
<code class="descname">user_logged_out</code>()<a class="headerlink" href="#django.contrib.auth.signals.user_logged_out" title="永久链接至目标">¶</a></dt>
<dd><p>调用注销方法时发送。</p>
<dl class="docutils">
<dt><code class="docutils literal notranslate"><span class="pre">sender</span></code></dt>
<dd>如上所述：刚刚注销的用户的类，如果用户没有经过认证，则为 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</dd>
<dt><code class="docutils literal notranslate"><span class="pre">request</span></code></dt>
<dd>当前的 <a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal notranslate"><span class="pre">HttpRequest</span></code></a> 实例。</dd>
<dt><code class="docutils literal notranslate"><span class="pre">user</span></code></dt>
<dd>刚刚注销的用户实例，如果用户没有经过认证，则为 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</dd>
</dl>
</dd></dl>

<dl class="function">
<dt id="django.contrib.auth.signals.user_login_failed">
<code class="descname">user_login_failed</code>()<a class="headerlink" href="#django.contrib.auth.signals.user_login_failed" title="永久链接至目标">¶</a></dt>
<dd><p>当用户未能成功登录时发送</p>
<dl class="docutils">
<dt><code class="docutils literal notranslate"><span class="pre">sender</span></code></dt>
<dd>用于认证的模块名称。</dd>
<dt><code class="docutils literal notranslate"><span class="pre">credentials</span></code></dt>
<dd>一个包含关键字参数的字典，其中包含传递给 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.authenticate" title="django.contrib.auth.authenticate"><code class="xref py py-func docutils literal notranslate"><span class="pre">authenticate()</span></code></a> 或你自己的自定义认证后端的用户凭证。匹配一组“敏感的”模式的凭证（包括密码）将不会作为信号的一部分被发送。</dd>
<dt><code class="docutils literal notranslate"><span class="pre">request</span></code></dt>
<dd><a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal notranslate"><span class="pre">HttpRequest</span></code></a> 对象，如果有提供给 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.authenticate" title="django.contrib.auth.authenticate"><code class="xref py py-func docutils literal notranslate"><span class="pre">authenticate()</span></code></a> 对象的话。</dd>
</dl>
</dd></dl>

</div>
<div class="section" id="s-module-django.contrib.auth.backends">
<span id="s-authentication-backends"></span><span id="s-authentication-backends-reference"></span><span id="module-django.contrib.auth.backends"></span><span id="authentication-backends"></span><span id="authentication-backends-reference"></span><h2>认证后端<a class="headerlink" href="#module-django.contrib.auth.backends" title="永久链接至标题">¶</a></h2>
<p>本节详细介绍了 Django 自带的认证后端。关于如何使用它们以及如何编写你自己的认证后端，请参阅 <a class="reference internal" href="../../topics/auth/index.html"><span class="doc">用户认证指南</span></a> 中的 <a class="reference internal" href="../../topics/auth/customizing.html#authentication-backends"><span class="std std-ref">其他认证源</span></a> 部分。</p>
<div class="section" id="s-available-authentication-backends">
<span id="available-authentication-backends"></span><h3>可用的认证后端<a class="headerlink" href="#available-authentication-backends" title="永久链接至标题">¶</a></h3>
<p>在 <a class="reference internal" href="#module-django.contrib.auth.backends" title="django.contrib.auth.backends: Django's built-in authentication backend classes."><code class="xref py py-mod docutils literal notranslate"><span class="pre">django.contrib.auth.backends</span></code></a> 中可以找到以下后端：</p>
<dl class="class">
<dt id="django.contrib.auth.backends.BaseBackend">
<em class="property">class </em><code class="descname">BaseBackend</code><a class="headerlink" href="#django.contrib.auth.backends.BaseBackend" title="永久链接至目标">¶</a></dt>
<dd><p>一个为所有所需方法提供默认实现的基类。默认情况下，它将拒绝任何用户并不提供任何权限。</p>
<dl class="method">
<dt id="django.contrib.auth.backends.BaseBackend.get_user_permissions">
<code class="descname">get_user_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.BaseBackend.get_user_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>返回一个空集。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.BaseBackend.get_group_permissions">
<code class="descname">get_group_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.BaseBackend.get_group_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>返回一个空集。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.BaseBackend.get_all_permissions">
<code class="descname">get_all_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.BaseBackend.get_all_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>使用 <a class="reference internal" href="#django.contrib.auth.backends.BaseBackend.get_user_permissions" title="django.contrib.auth.backends.BaseBackend.get_user_permissions"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_user_permissions()</span></code></a> 和 <a class="reference internal" href="#django.contrib.auth.backends.BaseBackend.get_group_permissions" title="django.contrib.auth.backends.BaseBackend.get_group_permissions"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_group_permissions()</span></code></a> 来获取 <code class="docutils literal notranslate"><span class="pre">user_obj</span></code> 所拥有的权限字符串。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.BaseBackend.has_perm">
<code class="descname">has_perm</code>(<em>user_obj</em>, <em>perm</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.BaseBackend.has_perm" title="永久链接至目标">¶</a></dt>
<dd><p>使用 <a class="reference internal" href="#django.contrib.auth.backends.BaseBackend.get_all_permissions" title="django.contrib.auth.backends.BaseBackend.get_all_permissions"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_all_permissions()</span></code></a> 检查 <code class="docutils literal notranslate"><span class="pre">user_obj</span></code> 是否有 <code class="docutils literal notranslate"><span class="pre">perm</span></code> 的权限字符串。</p>
</dd></dl>

</dd></dl>

<dl class="class">
<dt id="django.contrib.auth.backends.ModelBackend">
<em class="property">class </em><code class="descname">ModelBackend</code><a class="headerlink" href="#django.contrib.auth.backends.ModelBackend" title="永久链接至目标">¶</a></dt>
<dd><p>这是 Django 默认使用的认证后端。 它使用由用户标识符和密码组成的凭证进行认证。 对于 Django 的默认用户模型来说，用户标识符是用户名，对于自定义用户模型来说，它是 USERNAME_FIELD 指定的字段（参见 <a class="reference internal" href="../../topics/auth/customizing.html"><span class="doc">自定义用户和身份认证</span></a>）。</p>
<p>它还处理了为 <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal notranslate"><span class="pre">User</span></code></a> 和 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.PermissionsMixin" title="django.contrib.auth.models.PermissionsMixin"><code class="xref py py-class docutils literal notranslate"><span class="pre">PermissionsMixin</span></code></a> 定义的默认权限模型。</p>
<p><a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.has_perm" title="django.contrib.auth.backends.ModelBackend.has_perm"><code class="xref py py-meth docutils literal notranslate"><span class="pre">has_perm()</span></code></a>、 <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_all_permissions" title="django.contrib.auth.backends.ModelBackend.get_all_permissions"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_all_permissions()</span></code></a>、 <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_user_permissions" title="django.contrib.auth.backends.ModelBackend.get_user_permissions"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_user_permissions()</span></code></a> 和 <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_group_permissions" title="django.contrib.auth.backends.ModelBackend.get_group_permissions"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_group_permissions()</span></code></a> 允许将对象作为参数传递给特定对象的权限，但除了在 <code class="docutils literal notranslate"><span class="pre">obj</span> <span class="pre">is</span> <span class="pre">not</span> <span class="pre">None</span></code> 的情况下返回一个空的权限集外，这个后端并没有实现它们。</p>
<p><a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.with_perm" title="django.contrib.auth.backends.ModelBackend.with_perm"><code class="xref py py-meth docutils literal notranslate"><span class="pre">with_perm()</span></code></a> 也允许传递一个对象作为参数，但与其他方法不同的是，如果 <code class="docutils literal notranslate"><span class="pre">obj</span> <span class="pre">is</span> <span class="pre">not</span> <span class="pre">None</span></code>，则返回一个空的查询集。</p>
<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.authenticate">
<code class="descname">authenticate</code>(<em>request</em>, <em>username=None</em>, <em>password=None</em>, <em>**kwargs</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.authenticate" title="永久链接至目标">¶</a></dt>
<dd><p>通过调用 <a class="reference internal" href="#django.contrib.auth.models.User.check_password" title="django.contrib.auth.models.User.check_password"><code class="xref py py-meth docutils literal notranslate"><span class="pre">User.check_password</span></code></a> 尝试用 <code class="docutils literal notranslate"><span class="pre">password</span></code> 认证 <code class="docutils literal notranslate"><span class="pre">username</span></code>。如果没有提供 <code class="docutils literal notranslate"><span class="pre">username</span></code>，则尝试使用键 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.USERNAME_FIELD" title="django.contrib.auth.models.CustomUser.USERNAME_FIELD"><code class="xref py py-attr docutils literal notranslate"><span class="pre">CustomUser.USERNAME_FIELD</span></code></a> 从 <code class="docutils literal notranslate"><span class="pre">kwargs</span></code> 中获取一个用户名。返回一个已认证的用户或 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</p>
<p><code class="docutils literal notranslate"><span class="pre">request</span></code> 是一个 <a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal notranslate"><span class="pre">HttpRequest</span></code></a>，如果没有提供给 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.authenticate" title="django.contrib.auth.authenticate"><code class="xref py py-func docutils literal notranslate"><span class="pre">authenticate()</span></code></a> （将其传递给后端），则可能是 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.get_user_permissions">
<code class="descname">get_user_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.get_user_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>从他们自己的用户权限中返回 <code class="docutils literal notranslate"><span class="pre">user_obj</span></code> 拥有的权限字符串集。如果 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.AbstractBaseUser.is_anonymous" title="django.contrib.auth.models.AbstractBaseUser.is_anonymous"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_anonymous</span></code></a> 或 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a> 是 <code class="docutils literal notranslate"><span class="pre">False</span></code>，则返回空集。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.get_group_permissions">
<code class="descname">get_group_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.get_group_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>从他们自己的用户权限中返回 <code class="docutils literal notranslate"><span class="pre">user_obj</span></code> 拥有的权限字符串集。如果 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.AbstractBaseUser.is_anonymous" title="django.contrib.auth.models.AbstractBaseUser.is_anonymous"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_anonymous</span></code></a> 或 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a> 是 <code class="docutils literal notranslate"><span class="pre">False</span></code>，则返回空集。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.get_all_permissions">
<code class="descname">get_all_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.get_all_permissions" title="永久链接至目标">¶</a></dt>
<dd><p>从他们自己的用户权限中返回 <code class="docutils literal notranslate"><span class="pre">user_obj</span></code> 拥有的权限字符串集。如果 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.AbstractBaseUser.is_anonymous" title="django.contrib.auth.models.AbstractBaseUser.is_anonymous"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_anonymous</span></code></a> 或 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a> 是 <code class="docutils literal notranslate"><span class="pre">False</span></code>，则返回空集。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.has_perm">
<code class="descname">has_perm</code>(<em>user_obj</em>, <em>perm</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.has_perm" title="永久链接至目标">¶</a></dt>
<dd><p>使用 <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_all_permissions" title="django.contrib.auth.backends.ModelBackend.get_all_permissions"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_all_permissions()</span></code></a> 检查 <code class="docutils literal notranslate"><span class="pre">user_obj</span></code> 是否有 <code class="docutils literal notranslate"><span class="pre">perm</span></code> 的权限。如果用户没有 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a>，则返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.has_module_perms">
<code class="descname">has_module_perms</code>(<em>user_obj</em>, <em>app_label</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.has_module_perms" title="永久链接至目标">¶</a></dt>
<dd><p>返回 <code class="docutils literal notranslate"><span class="pre">user_obj</span></code> 是否对应用 <code class="docutils literal notranslate"><span class="pre">app_label</span></code> 具有任何权限。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.user_can_authenticate">
<code class="descname">user_can_authenticate</code>()<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.user_can_authenticate" title="永久链接至目标">¶</a></dt>
<dd><p>返回是否允许用户进行认证。为了与 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.forms.AuthenticationForm" title="django.contrib.auth.forms.AuthenticationForm"><code class="xref py py-class docutils literal notranslate"><span class="pre">AuthenticationForm</span></code></a> 中 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.forms.AuthenticationForm.confirm_login_allowed" title="django.contrib.auth.forms.AuthenticationForm.confirm_login_allowed"><code class="xref py py-meth docutils literal notranslate"><span class="pre">prohibits</span> <span class="pre">inactive</span> <span class="pre">users</span> <span class="pre">from</span> <span class="pre">logging</span> <span class="pre">in</span></code></a> 的行为相匹配，对于有 <a class="reference internal" href="#django.contrib.auth.models.User.is_active" title="django.contrib.auth.models.User.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active=False</span></code></a> 的用户，本方法返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。允许没有 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a> 字段的自定义用户模型。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.ModelBackend.with_perm">
<code class="descname">with_perm</code>(<em>perm</em>, <em>is_active=True</em>, <em>include_superusers=True</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.with_perm" title="永久链接至目标">¶</a></dt>
<dd><p>返回所有拥有 <code class="docutils literal notranslate"><span class="pre">perm</span></code> 权限的活跃用户，可以是 <code class="docutils literal notranslate"><span class="pre">&quot;&lt;app</span> <span class="pre">label&gt;.&lt;permission</span> <span class="pre">codename&gt;&quot;</span></code> 的形式，也可以是 <a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal notranslate"><span class="pre">Permission</span></code></a> 实例。如果没有找到拥有 <code class="docutils literal notranslate"><span class="pre">perm</span></code> 权限的用户，则返回一个空的查询集。</p>
<p>如果 <code class="docutils literal notranslate"><span class="pre">is_active</span></code> 为 <code class="docutils literal notranslate"><span class="pre">True</span></code> （默认），则只返回活跃用户，如果 <code class="docutils literal notranslate"><span class="pre">False</span></code>，则只返回非活跃用户。使用 <code class="docutils literal notranslate"><span class="pre">None</span></code> 返回所有用户，无论其是否处于活跃状态。</p>
<p>如果 <code class="docutils literal notranslate"><span class="pre">include_superusers</span></code> 为 <code class="docutils literal notranslate"><span class="pre">True</span></code> （默认），结果将包括超级用户。</p>
</dd></dl>

</dd></dl>

<dl class="class">
<dt id="django.contrib.auth.backends.AllowAllUsersModelBackend">
<em class="property">class </em><code class="descname">AllowAllUsersModelBackend</code><a class="headerlink" href="#django.contrib.auth.backends.AllowAllUsersModelBackend" title="永久链接至目标">¶</a></dt>
<dd><p>与 <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend" title="django.contrib.auth.backends.ModelBackend"><code class="xref py py-class docutils literal notranslate"><span class="pre">ModelBackend</span></code></a> 一样，只是它不会拒绝非活动用户，因为 <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.user_can_authenticate" title="django.contrib.auth.backends.ModelBackend.user_can_authenticate"><code class="xref py py-meth docutils literal notranslate"><span class="pre">user_can_authenticate()</span></code></a> 总是返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
<p>当使用这个后台时，你可能会想要自定义 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.forms.AuthenticationForm" title="django.contrib.auth.forms.AuthenticationForm"><code class="xref py py-class docutils literal notranslate"><span class="pre">AuthenticationForm</span></code></a> 所使用的 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.views.LoginView" title="django.contrib.auth.views.LoginView"><code class="xref py py-class docutils literal notranslate"><span class="pre">LoginView</span></code></a>，通过覆盖 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.forms.AuthenticationForm.confirm_login_allowed" title="django.contrib.auth.forms.AuthenticationForm.confirm_login_allowed"><code class="xref py py-meth docutils literal notranslate"><span class="pre">confirm_login_allowed()</span></code></a> 方法，因为它拒绝非活动用户。</p>
</dd></dl>

<dl class="class">
<dt id="django.contrib.auth.backends.RemoteUserBackend">
<em class="property">class </em><code class="descname">RemoteUserBackend</code><a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend" title="永久链接至目标">¶</a></dt>
<dd><p>使用这个后端来利用外部对 Django 处理的认证。 它使用 <a class="reference internal" href="../request-response.html#django.http.HttpRequest.META" title="django.http.HttpRequest.META"><code class="xref py py-attr docutils literal notranslate"><span class="pre">request.META['REMOTE_USER']</span></code></a> 中传递的用户名进行认证。 参见 <a class="reference internal" href="../../howto/auth-remote-user.html"><span class="doc">认证 REMOTE_USER</span></a> 文档。</p>
<p>如果你需要更多的控制，你可以创建自己的认证后端，继承这个类，并覆盖这些属性或方法：</p>
<dl class="attribute">
<dt id="django.contrib.auth.backends.RemoteUserBackend.create_unknown_user">
<code class="descname">create_unknown_user</code><a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.create_unknown_user" title="永久链接至目标">¶</a></dt>
<dd><p><code class="docutils literal notranslate"><span class="pre">True</span></code> 或 <code class="docutils literal notranslate"><span class="pre">False</span></code>。确定如果数据库中没有用户对象，是否创建用户对象。默认为 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.RemoteUserBackend.authenticate">
<code class="descname">authenticate</code>(<em>request</em>, <em>remote_user</em>)<a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.authenticate" title="永久链接至目标">¶</a></dt>
<dd><p>作为 <code class="docutils literal notranslate"><span class="pre">remote_user</span></code> 传递的用户名被认为是可信的。如果 <a class="reference internal" href="#django.contrib.auth.backends.RemoteUserBackend.create_unknown_user" title="django.contrib.auth.backends.RemoteUserBackend.create_unknown_user"><code class="xref py py-attr docutils literal notranslate"><span class="pre">create_unknown_user</span></code></a> 为 <code class="docutils literal notranslate"><span class="pre">True</span></code>，则该方法返回给定用户名的用户对象，创建一个新的用户对象。</p>
<p>如果 <a class="reference internal" href="#django.contrib.auth.backends.RemoteUserBackend.create_unknown_user" title="django.contrib.auth.backends.RemoteUserBackend.create_unknown_user"><code class="xref py py-attr docutils literal notranslate"><span class="pre">create_unknown_user</span></code></a> 为 <code class="docutils literal notranslate"><span class="pre">False</span></code>，且数据库中没有找到给定用户名的 <code class="docutils literal notranslate"><span class="pre">User</span></code> 对象，则返回 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</p>
<p><code class="docutils literal notranslate"><span class="pre">request</span></code> 是一个 <a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal notranslate"><span class="pre">HttpRequest</span></code></a>，如果没有提供给 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.authenticate" title="django.contrib.auth.authenticate"><code class="xref py py-func docutils literal notranslate"><span class="pre">authenticate()</span></code></a> （将其传递给后端），则可能是 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.RemoteUserBackend.clean_username">
<code class="descname">clean_username</code>(<em>username</em>)<a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.clean_username" title="永久链接至目标">¶</a></dt>
<dd><p>在使用 <code class="docutils literal notranslate"><span class="pre">username</span></code> 获取或创建用户对象之前，对 <code class="docutils literal notranslate"><span class="pre">username</span></code> 进行任何清理（例如剥离 LDAP DN 信息）。返回清理后的用户名。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.RemoteUserBackend.configure_user">
<code class="descname">configure_user</code>(<em>request</em>, <em>user</em>)<a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.configure_user" title="永久链接至目标">¶</a></dt>
<dd><p>配置一个新创建的用户。 这个方法在新用户创建后立即被调用，可以用来执行自定义设置操作，例如根据 LDAP 目录中的属性设置用户的组。返回用户对象。</p>
<p><code class="docutils literal notranslate"><span class="pre">request</span></code> 是一个 <a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal notranslate"><span class="pre">HttpRequest</span></code></a>，如果没有提供给 <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.authenticate" title="django.contrib.auth.authenticate"><code class="xref py py-func docutils literal notranslate"><span class="pre">authenticate()</span></code></a> （将其传递给后端），则可能是 <code class="docutils literal notranslate"><span class="pre">None</span></code>。</p>
</dd></dl>

<dl class="method">
<dt id="django.contrib.auth.backends.RemoteUserBackend.user_can_authenticate">
<code class="descname">user_can_authenticate</code>()<a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.user_can_authenticate" title="永久链接至目标">¶</a></dt>
<dd><p>返回是否允许用户进行身份认证。对于有 <a class="reference internal" href="#django.contrib.auth.models.User.is_active" title="django.contrib.auth.models.User.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active=False</span></code></a> 的用户，本方法返回 <code class="docutils literal notranslate"><span class="pre">False</span></code>。允许没有 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal notranslate"><span class="pre">is_active</span></code></a> 字段的自定义用户模型。</p>
</dd></dl>

</dd></dl>

<dl class="class">
<dt id="django.contrib.auth.backends.AllowAllUsersRemoteUserBackend">
<em class="property">class </em><code class="descname">AllowAllUsersRemoteUserBackend</code><a class="headerlink" href="#django.contrib.auth.backends.AllowAllUsersRemoteUserBackend" title="永久链接至目标">¶</a></dt>
<dd><p>与 <a class="reference internal" href="#django.contrib.auth.backends.RemoteUserBackend" title="django.contrib.auth.backends.RemoteUserBackend"><code class="xref py py-class docutils literal notranslate"><span class="pre">RemoteUserBackend</span></code></a> 相同，只是它不会拒绝非活动用户，因为 <a class="reference internal" href="#django.contrib.auth.backends.RemoteUserBackend.user_can_authenticate" title="django.contrib.auth.backends.RemoteUserBackend.user_can_authenticate"><code class="xref py py-attr docutils literal notranslate"><span class="pre">user_can_authenticate</span></code></a> 总是返回 <code class="docutils literal notranslate"><span class="pre">True</span></code>。</p>
</dd></dl>

</div>
</div>
<div class="section" id="s-utility-functions">
<span id="utility-functions"></span><h2>实用工具函数<a class="headerlink" href="#utility-functions" title="永久链接至标题">¶</a></h2>
<dl class="function">
<dt id="django.contrib.auth.get_user">
<code class="descname">get_user</code>(<em>request</em>)<a class="headerlink" href="#django.contrib.auth.get_user" title="永久链接至目标">¶</a></dt>
<dd><p>返回与给定 <code class="docutils literal notranslate"><span class="pre">request</span></code> 的会话相关联的用户模型实例。</p>
<p>它检查会话中存储的认证后端是否存在于 <a class="reference internal" href="../settings.html#std:setting-AUTHENTICATION_BACKENDS"><code class="xref std std-setting docutils literal notranslate"><span class="pre">AUTHENTICATION_BACKENDS</span></code></a> 中。如果存在，它使用后端的 <code class="docutils literal notranslate"><span class="pre">get_user()</span></code> 方法检索用户模型实例，然后通过调用用户模型的 <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.AbstractBaseUser.get_session_auth_hash" title="django.contrib.auth.models.AbstractBaseUser.get_session_auth_hash"><code class="xref py py-meth docutils literal notranslate"><span class="pre">get_session_auth_hash()</span></code></a> 方法来认证会话。</p>
<p>如果存储在会话中的认证后端不再在 <a class="reference internal" href="../settings.html#std:setting-AUTHENTICATION_BACKENDS"><code class="xref std std-setting docutils literal notranslate"><span class="pre">AUTHENTICATION_BACKENDS</span></code></a> 中，如果后端的 <code class="docutils literal notranslate"><span class="pre">get_user()</span></code> 方法没有返回用户，或者会话认证的哈希没有认证，则返回一个 <a class="reference internal" href="#django.contrib.auth.models.AnonymousUser" title="django.contrib.auth.models.AnonymousUser"><code class="xref py py-class docutils literal notranslate"><span class="pre">AnonymousUser</span></code></a> 的实例。</p>
</dd></dl>

</div>
</div>


          </div>
        </div>
      </div>
      
        
          <div class="yui-b" id="sidebar">
            
      <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
        <div class="sphinxsidebarwrapper">
  <h3><a href="../../contents.html">Table of Contents</a></h3>
  <ul>
<li><a class="reference internal" href="#"><code class="docutils literal notranslate"><span class="pre">django.contrib.auth</span></code></a><ul>
<li><a class="reference internal" href="#user-model"><code class="docutils literal notranslate"><span class="pre">User</span></code> 模型</a><ul>
<li><a class="reference internal" href="#fields">字段</a></li>
<li><a class="reference internal" href="#attributes">属性</a></li>
<li><a class="reference internal" href="#methods">方法</a></li>
<li><a class="reference internal" href="#manager-methods">管理器方法</a></li>
</ul>
</li>
<li><a class="reference internal" href="#anonymoususer-object"><code class="docutils literal notranslate"><span class="pre">AnonymousUser</span></code> 对象</a></li>
<li><a class="reference internal" href="#permission-model"><code class="docutils literal notranslate"><span class="pre">Permission</span></code> 模型</a><ul>
<li><a class="reference internal" href="#id1">字段</a></li>
<li><a class="reference internal" href="#id2">方法</a></li>
</ul>
</li>
<li><a class="reference internal" href="#group-model"><code class="docutils literal notranslate"><span class="pre">Group</span></code> 模型</a><ul>
<li><a class="reference internal" href="#id3">字段</a></li>
</ul>
</li>
<li><a class="reference internal" href="#validators">验证器</a></li>
<li><a class="reference internal" href="#module-django.contrib.auth.signals">登录和注销的信号</a></li>
<li><a class="reference internal" href="#module-django.contrib.auth.backends">认证后端</a><ul>
<li><a class="reference internal" href="#available-authentication-backends">可用的认证后端</a></li>
</ul>
</li>
<li><a class="reference internal" href="#utility-functions">实用工具函数</a></li>
</ul>
</li>
</ul>

  <h4>上一个主题</h4>
  <p class="topless"><a href="admin/javascript.html"
                        title="上一章">管理的 JavaScript 自定义</a></p>
  <h4>下一个主题</h4>
  <p class="topless"><a href="contenttypes.html"
                        title="下一章">内容类型框架</a></p>
  <div role="note" aria-label="source link">
    <h3>本页</h3>
    <ul class="this-page-menu">
      <li><a href="../../_sources/ref/contrib/auth.txt"
            rel="nofollow">显示源代码</a></li>
    </ul>
   </div>
<div id="searchbox" style="display: none" role="search">
  <h3>快速搜索</h3>
    <div class="searchformwrapper">
    <form class="search" action="../../search.html" method="get">
      <input type="text" name="q" />
      <input type="submit" value="转向" />
      <input type="hidden" name="check_keywords" value="yes" />
      <input type="hidden" name="area" value="default" />
    </form>
    </div>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
        </div>
      </div>
              <h3>Last update:</h3>
              <p class="topless">12月 07, 2021</p>
          </div>
        
      
    </div>

    <div id="ft">
      <div class="nav">
    &laquo; <a href="admin/javascript.html" title="管理的 JavaScript 自定义">previous</a>
     |
    <a href="../index.html" title="API 参考" accesskey="U">up</a>
   |
    <a href="contenttypes.html" title="内容类型框架">next</a> &raquo;</div>
    </div>
  </div>

      <div class="clearer"></div>
    </div>
  </body>
</html>